Reading:
All Wi-Fi networks reportedly vulnerable to hacking
Share:
wifi

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

All Wi-Fi networks reportedly vulnerable to hacking

Security experts warn that all Wi-Fi networks are vulnerable to hacking after a Belgian researcher managed to break through a protective security protocol implemented in most of the world’s routers.

Whilst unsurprising, given all the major hacks that have happened lately (Yahoo, Equifax, HBO), confirming it still makes us all feel a little uneasy.

The researcher, Mathy Vanhoef, was studying the WPA2 security protocol used in wireless networks when he came across the vulnerability, and the result means that all devices that have a Wi-Fi connection could be affected by the weakness.

Vanhoef’s findings mean that any router that uses WPA2 Wi-Fi will reportedly carry the flaw, rather than any specific device made by a particular manufacturer or model.

Vanhoef gave this warning:

“We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs)… The attack works against all modern protected Wi-Fi networks.”

All modern routers reportedly use the ‘4-way’ handshake to verify the credentials of the person wanting to access a protected Wi-Fi network against the server’s password. The 4-way handshake creates a fresh encryption key to encrypt data each time someone new joins the network. The key reinstallation attack is “achieved by manipulating and replaying cryptographic handshake messages,” meaning attackers can essentially deceive users into reinstalling a key that has already been used, allowing the hacker to attack the encryption protocol.

This vulnerability that reportedly affects most of the world’s routers could allow hackers to get in between the Wi-Fi traffic exchanged between devices using the same connection. As most laptops, tablets, printers and other mobile devices use the same wireless access point, hackers could infiltrate the connection and steal private information.

Working with Belgian University KU Leuven, Vanhoef warns that hackers can use this method of attack to steal sensitive information that was “previously assumed to be safely encrypted“, including financial information, login details, online messages, e-correspondence, digital photographs etc.

It’s not just information being taken that’s worrying; hackers who get in could inject harmful malware, and hold your data for ransom!

However, the one good news is that the hackers wanting to expose this vulnerability must be physically close by. Britain’s National Cyber Security Centre produced a statement emphasising the need for physical proximity. It also notes that the potential weakness “would not compromise connections to secure websites, such as banking services or online shopping,” – i.e. websites that usually have a padlock icon in the URL bar.

Publication of the report must have reached Apple, Google, Microsoft etc. We now rely on them to keep producing up-to-date software to patch up these vulnerabilities. However, security research fellow at UCL, Dr Steven J Murdoch, warns that “many manufacturers do not fix vulnerabilities in their products which they are not actively marketing.” This could mean that users of older or less popular devices could be left in the dark with no one to check up on security protection.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon